package com.blog.admin.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.subject.Subject;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.blog.admin.service.PermissionService;
import com.blog.admin.service.UserService;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.blog.admin.pojo.auth.Permission;
import com.blog.admin.pojo.auth.User;
import com.blog.admin.utils.IPUtils;
import com.blog.admin.utils.RedisUtils;
import com.blog.admin.utils.UserUtils;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;


@Controller
@RequestMapping(value = "/admin")
public class AuthController {
	
	@Autowired
	private UserService UserService;
	
	@Autowired
	private PermissionService permissionService;

	@RequestMapping(value = "/login", method = RequestMethod.POST)
    public String submitLogin(String username, String password, HttpServletRequest request) {
        try {
        	password = new Md5Hash(password, username).toString();
            UsernamePasswordToken token = new UsernamePasswordToken(username, password);
            Subject subject = SecurityUtils.getSubject();
            subject.login(token);
        } catch (DisabledAccountException e) {
            request.setAttribute("msg", "账户已被禁用");
            return "login";
        } catch (AuthenticationException e) {
            request.setAttribute("msg", "用户名或密码错误");
            return "login";
        }

        List<Permission> listPermissions = permissionService.selectMenusByUser(UserUtils.currentLoginUser());
        RedisUtils.saveUserMenus(UserUtils.currentLoginUser().getId(),JSON.toJSONString(listPermissions)); //保存用户权限菜单
        
        // 执行到这里说明用户已登录成功
        return "redirect:/admin/index";
    }


    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String loginPage() {
    	RedisUtils.name();
        return "login";
    }

    //首页方法
    @RequestMapping(value = "/index", method = RequestMethod.GET)
    public String loginSuccessMessage(HttpServletRequest request) {
    	System.out.println(IPUtils.getIpAddr(request));
        User currentLoginUser = UserUtils.currentLoginUser();

        if (currentLoginUser == null) {
            return "redirect:/admin/login";
        }
        request.setAttribute("user", currentLoginUser);
        //获取用户的菜单列表
        String menus = RedisUtils.getUserMenus(currentLoginUser.getId());
        
        request.setAttribute("user_menus", JSONArray.parseArray(menus));
        return "index";
    }

    //被踢出后跳转的页面
    @RequestMapping(value = "/controut", method = RequestMethod.GET)
    public String contrOut() {
        return "controut";
    }
    
    //测试  根据用户id获取用户信息
    @RequestMapping(value = "/getuser", method = RequestMethod.GET)
    @ResponseBody
    public User getUserById(String id) {
        return UserService.getUserById(Integer.valueOf(id));
    }
    
}
